• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 2322
  • Last Modified:

How Do You Tell if You're Being Hacked?!

What I wants to know is how can you tell if someone has stolen any personal information from your computer, if they managed to get into your computer, or attempt to get into ur computer.  There has to be a way to tell all connections ever made to the computer.

The only way I knows is netstat (-a -b -n -v -etc)  I knows how to use all those commands.

But is there other ways too tell as well.  Cause lately my internet speed was up and down.  Sometimes when I sends a file or surf the web it's really fast then 5 minutes later the internet goes really slow.  I have broadband and sometimes I gets 5 kbps then another while after I gets 100 kbps.  Seems a little suspiscious and I want to take a closer look into the matter.

So if anyone knows of all the ways to tell all of the connections ever made to this computer.  From startup to shutdown, keep a log of all connections?   Any comments?
0
Xygus02
Asked:
Xygus02
1 Solution
 
Xygus02Author Commented:
Note:   my svchost.exe  shows up in my netstat, but my firewall blocks all connections made to and from my computer.  Should I be weary of this connection?
0
 
rossfingalCommented:
Depending on your system -
you'll have multiple copies of svchost.exe running from:
C:\WINDOWS\System32
or -
C:\WINNT\System32
These are legitimate processes.

Cheers!
RF
0
 
smconsultCommented:
What kind of firewall are you using?

Sean
0
Threat Trends for MSPs to Watch

See the findings.
Despite its humble beginnings, phishing has come a long way since those first crudely constructed emails. Today, phishing sites can appear and disappear in the length of a coffee break, and it takes more than a little know-how to keep your clients secure.

 
Xygus02Author Commented:
I'm using Norton Personal Firewall 2003
and the firewall Service Pack 2 comes with.
0
 
smconsultCommented:
I'm not familiar with the logging capabilities of Norton.

If you were using a hardware firewall of some sort, you could use a Syslog program like Kiwi to log all of the incoming and outgoing connections.  For example, I'm using a Linksys BEFSR81 at the house, and an RV082 at work, and both are dumping their logs to Kiwi for forwarding to Dshield.org.

Are you on dial-up, or broadband?  (From the speeds you mentioned in your original question, it sounds like you're on dial-up.)

Sean
0
 
QuetzalCommented:
Could be a bad network adaptor, wiring inside or outside.  Try opening a cmd window and do a continuous ping (e.g. ping -t google.com) to see if dropped packets or high latency during the slow periods.
0
 
XygusCommented:
No more replys to this question plz.  Xygus02 has been suspended cause experts-exchange suspected me of more then one account.  So I need to end this question immediately, thou I don't have the power to accept any of your answers.  But an admin might be able to do it for me.  If I had to choose anyone here to be rewarded, I would choose smconsult cause he told me about Dshield.org which I am going to use once I knows what my SMTP is.

thx
0

Featured Post

A Cyber Security RX to Protect Your Organization

Join us on December 13th for a webinar to learn how medical providers can defend against malware with a cyber security "Rx" that supports a healthy technology adoption plan for every healthcare organization.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now